ENCRYPTING FILES WITHIN A CLOUD COMPUTING ENVIRONMENT
First Claim
1. A method for encrypting a file, the method comprises:
- retrieving the file from a storage service;
segmenting the file into multiple file segments;
calculating a file segment signature for each of the multiple file segments to provide multiple file segment signatures;
encrypting each of the multiple file segments to provide multiple encrypted file segments by using encryption keys that are in response to the multiple file segment signatures;
wherein the multiple encrypted file segments form an encrypted file; and
sending the multiple encrypted file segments to the storage service.
10 Assignments
0 Petitions
Accused Products
Abstract
A system, computer readable medium and a method for encrypting a file, the method may include retrieving the file from a storage service; segmenting the file into multiple file segments; calculating a file segment signature for each of the multiple file segments to provide multiple file segment signatures; encrypting each of the multiple file segments to provide multiple encrypted file segments by using encryption keys that are in response to the multiple file segment signatures; wherein the multiple encrypted file segments form an encrypted file; and sending the multiple encrypted file segments to the storage service.
-
Citations
43 Claims
-
1. A method for encrypting a file, the method comprises:
-
retrieving the file from a storage service; segmenting the file into multiple file segments; calculating a file segment signature for each of the multiple file segments to provide multiple file segment signatures; encrypting each of the multiple file segments to provide multiple encrypted file segments by using encryption keys that are in response to the multiple file segment signatures;
wherein the multiple encrypted file segments form an encrypted file; andsending the multiple encrypted file segments to the storage service. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33)
-
-
34. A method for decrypting an encrypted file, the method comprising:
-
receiving a request, by a management server, to provide at least one encryption key for decrypting at least one encrypted file segment of the encrypted file by a user device, after the management server generated the encrypted file to be of a specific file type and after a storage service stored the encrypted file;
wherein the request comprises a file segment signature;determining, by the management server, whether the user device is authorized to decrypt the at least one encrypted file segment; and sending the at least one encryption key to the user device if it is determined that the user device is authorized to decrypt the at least one encrypted file segment. - View Dependent Claims (35, 36, 37, 38)
-
-
39. A method for decrypting an encrypted file, the method comprising:
-
retrieving, by a user device, of one or more file segment signatures associated with one or more encrypted file segments of an encrypted file;
wherein each file segment signature is mapped to a decryption key that facilitates a decryption of the encrypted file segment;comparing the multiple file segment signatures to a data structure of file segment signatures that are mapped to decryption keys that are stored at the user device to find at least zero decryption keys not stored in the user device; requesting from a management server at least zero decryption keys that are not stored in the user device; receiving by the user device at least one zero encryption keys that are not stored in the user device; and decrypting the multiple encrypted file segments, wherein each encrypted file segment is decrypted using a decryption key that facilitates the decryption of the encrypted file segment. - View Dependent Claims (40)
-
-
41. A non-transitory computer readable medium that stores instructions for:
-
retrieving the file from a storage service; segmenting the file into multiple file segments; calculating a file segment signature for each of the multiple file segments to provide multiple file segment signatures; encrypting each of the multiple file segments to provide multiple encrypted file segments by using encryption keys that are in response to the multiple file segment signatures;
wherein the multiple encrypted file segments form an encrypted file; andsending the multiple encrypted file segments to the storage service.
-
-
42. A non-transitory computer readable medium that stores instructions for:
-
receiving a request, by a management server, to provide at least one decryption key for decrypting at least one encrypted file segment of the encrypted file by a user device, after the management server generated the encrypted file to be of a certain file type and after a storage service stored the encrypted file;
wherein the request comprises a file segment signature;determining, by the management server, whether the user device is authorized to decrypt the at least one encrypted file segment; and sending the at least one decryption key to the user device if it is determined that the user device is authorized to decrypt the at least one encrypted file segment.
-
-
43. A non-transitory computer readable medium that stores instructions for:
-
retrieving, by a user device, of multiple file segment signatures associated with multiple encrypted file segments of an encrypted file;
wherein each file segment signature is mapped to an encryption and decryption key that facilitates a decryption of an encrypted file segment associated with the file segment signature;comparing the multiple file segment signatures to a data structure of file segment signatures that are mapped to decryption keys that are stored at the user device to find at least zero decryption keys not stored in the user device; requesting from a management server the at least zero decryption keys that are not stored in the user device; receiving by the user device the at least one zero decryption keys that are not stored in the user device; and decrypting the multiple encrypted file segments, wherein each encrypted file segment is decrypted using an decryption key that facilitates the decryption of the encrypted file segment.
-
Specification